According to the Bad Bot Report, in 2017, bad bots accounted for 21.8 percent of all website traffic, a 9.5% increase over the previous year. Good bots increased by 8.7% to make up 20.4% of all website traffic. Bad bots can attack retailers in multiple ways, including:
Price scraping: checking prices to help competitors beat them;
Account takeovers: testing stolen login credentials;
Gift card balance checking: stealing money from gift card accounts with a balance; and
Credit card fraud: testing credit card numbers to determine missing data such as CVVs.
Gambling companies and airlines suffer from higher proportions of bad bot traffic than other industries, with 53.1% and 43.9% of traffic coming from bad bots, respectively. Ecommerce, healthcare and ticketing websites suffer from highly sophisticated bots, which are difficult to detect. Account takeover attacks occur 2-3 times per month on the average website, but immediately following a breach, they are three times more frequent, as bot operators know that people reuse the same credentials across multiple websites.
Sophisticated bots, which can mimic human behavior to avoid detection, made up 22.9% of bad bot traffic to ecommerce sites. Another 50.92% of bots were of moderate sophistication, which are somewhat less complex.
Bad bots are used by competitors, hackers and fraudsters and are the main culprits behind web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, data theft, spam, digital ad fraud and downtime.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now